<?php
/**
 * Created by PhpStorm.
 * User: dehong
 * Date: 2016/10/8
 * Time: 22:10
 */
session_start();

// Constant that has to be defined before the files under includes/ can be used.
define('IN_TG', true);

// Identifies which page's content is being served.
define('SCRIPT', 'member_message_detail');

// Pull in the shared bootstrap file; the absolute path is used because the author notes it is faster.
require dirname(__FILE__) . '/includes/common.inc.php';

// Login gate.
// NOTE(review): this only tests that the client sent a cookie named "username". The cookie value
// is client-controlled and is not compared with any server-side session state on this page, even
// though session_start() has been called above.
if (isset($_COOKIE['username']) === false) {
    _alert_close('请先登录!');
}
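// Message deletion module: runs when the request carries action=delete together with an id.
// NOTE(review): the delete is triggered by a GET request and no anti-CSRF token is checked in this
// block; the only binding to the caller is the username/uniqid cookie pair verified below.
// NOTE(review): neither query restricts the message to the logged-in user, so ownership of the
// message is not established here. Confirm whether tg_message records a recipient and filter on it.
if (isset($_GET['action']) && $_GET['action'] === 'delete' && isset($_GET['id'])) {
    // Only a plain decimal id is accepted, so request data never becomes part of the SQL text.
    // Anything else (arrays, quotes, SQL fragments) is handled like a message that does not exist.
    // Assumes tg_id is a numeric key: TODO confirm against the schema.
    $_delete_id = null;
    if (is_string($_GET['id']) && preg_match('/\A[0-9]+\z/', $_GET['id']) === 1) {
        $_delete_id = (int) $_GET['id'];
    }

    // Check that the message exists.
    $_rows = false;
    if ($_delete_id !== null) {
        $_rows = _query("SELECT tg_id FROM tg_message WHERE tg_id='{$_delete_id}'");
    }

    if (!!$_rows) {
        // Dangerous operations require the unique-identifier check.
        // The username comes from a cookie, so it is escaped as a SQL string literal before use.
        // quote() is PDO's literal escaper and returns the value already wrapped in quotes;
        // $GLOBALS['dbh'] is assumed to be a PDO handle because this block calls exec() on it and
        // closes it by assigning null. TODO confirm.
        $_quoted_user = false;
        if (isset($_COOKIE['username']) && is_string($_COOKIE['username'])) {
            $_quoted_user = $GLOBALS['dbh']->quote($_COOKIE['username']);
        }

        $_rows2 = false;
        if ($_quoted_user !== false) {
            $_rows2 = _query("SELECT tg_uniqid FROM tg_user WHERE tg_username={$_quoted_user} LIMIT 1");
        }

        if (!!$_rows2) {
            // To guard against a forged cookie, the stored unique identifier is compared with the
            // one the client sent.
            _uniqid($_rows2['tg_uniqid'], $_COOKIE['uniqid']);

            // Delete the message.
            $_sql = "DELETE FROM tg_message WHERE tg_id='{$_delete_id}' LIMIT 1";
            $result = $GLOBALS['dbh']->exec($_sql);
            // Only a real failure (false) aborts. The previous "exec(...) or die(...)" form also
            // died when zero rows were affected, which made the failure branch below unreachable.
            if ($result === false) {
                die('SQL执行错误！');
            }
            if ($result) {
                $GLOBALS['dbh'] = null;
                _location('短信删除成功！', 'member_message.php');
            } else {
                $GLOBALS['dbh'] = null;
                _alert_back('短信删除失败！');
            }
        } else {
            _alert_back('非法登录！');
        }
    } else {
        _alert_back('短信不存在！');
    }
}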
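// Load the message named by ?id= and prepare it for display.
// NOTE(review): this read path performs no uniqid check and the query has no per-user filter, so
// any caller that passes the login gate can request any message id. Confirm whether tg_message
// records a recipient and restrict the lookup to the logged-in user.
if (isset($_GET['id'])) {
    // Only a plain decimal id is accepted, so request data never becomes part of the SQL text.
    // Anything else is handled like a message that does not exist.
    // Assumes tg_id is a numeric key: TODO confirm against the schema.
    $_detail_id = null;
    if (is_string($_GET['id']) && preg_match('/\A[0-9]+\z/', $_GET['id']) === 1) {
        $_detail_id = (int) $_GET['id'];
    }

    // Fetch the message row.
    $_rows = false;
    if ($_detail_id !== null) {
        $_rows = _query(
            "SELECT tg_id,tg_state,tg_fromuser,tg_content,tg_date FROM tg_message WHERE tg_id='{$_detail_id}'"
        );
    }

    if ($_rows) {
        // Set tg_state to 1 the first time the message is opened.
        if (empty($_rows['tg_state'])) {
            $_sql = "UPDATE tg_message SET tg_state=1 WHERE tg_id='{$_detail_id}' LIMIT 1";
            $_result = $GLOBALS['dbh']->exec($_sql);
            // Only a real failure (false) aborts. The previous "exec(...) or die(...)" form also
            // died when zero rows were affected, which made the check below unreachable.
            if ($_result === false) {
                die('SQL执行错误！');
            }
            if (!$_result) {
                _alert_back('异常！');
            }
        }

        // Collect the fields the template prints and pass them through _html().
        // presumably _html() HTML-escapes the values; verify in the includes.
        $_html = array();
        $_html['id'] = $_rows['tg_id'];
        $_html['fromuser'] = $_rows['tg_fromuser'];
        $_html['content'] = $_rows['tg_content'];
        $_html['date'] = $_rows['tg_date'];
        $_html = _html($_html);
    } else {
        _alert_back('此短信不存在');
    }
} else {
    _alert_back('非法登陆！');
}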
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <?php /* Template for the message detail page: prints the $_html values prepared earlier in this file. ROOT_PATH is not defined in this file (presumably by common.inc.php). */ require ROOT_PATH.'includes/title.inc.php'; ?>
    <script type="text/javascript" src="js/member_message_detail.js"></script>
</head>
<body>
<?php require ROOT_PATH."includes/header.inc.php"; ?>

<div id="member">
    <?php require ROOT_PATH."includes/member.inc.php";?>
    <div id="member_main">
        <h2>短信详情</h2>
        <dl>
            <dd>发 信 人：<?php echo $_html['fromuser'] /* echoed as-is; HTML escaping depends entirely on the earlier _html() call (verify that it escapes) */ ?></dd>
            <dd>内&nbsp;&nbsp;容：<strong><?php echo $_html['content'] /* message body written by another user, echoed as-is; stored-XSS safety depends on _html() (verify) */ ?></strong></dd>
            <dd>发信时间：<?php echo date('Y-m-d H:i:s',$_html['date']) /* date() takes an integer timestamp; assumes tg_date holds one (TODO confirm) */ ?></dd>
            <dd class="button"><input type="button" value="返回列表" id="return" /> <input type="button" name="<?php echo $_html['id'] /* attribute context: safe only if the value is numeric or _html() also escapes quotes (TODO confirm) */ ?>" value="删除短信" id="delete"/></dd>
        </dl>
    </div>
</div>
<?php require ROOT_PATH."includes/footer.inc.php"; ?>
</body>
</html>
